update policies with resource-excludes flag

Madhan Neethiraj Tue, 13 Sep 2022 21:27:32 -0700

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/74118/
-----------------------------------------------------------


Review request for ranger, Abhishek  Kumar, Ankita Sinha, Kishor Gollapalliwar, 
Abhay Kulkarni, Mehul Parikh, Pradeep Agrawal, Ramesh Mani, Sailaja Polavarapu, 
Subhrat Chaudhary, and Velmurugan Periasamy.


Bugs: RANGER-3080
    https://issues.apache.org/jira/browse/RANGER-3080


Repository: ranger


Description
-------

- updated policy create/update REST API validations to consider service-admin 
and zone-admin as users with admin privileges


Diffs
-----

  security-admin/src/main/java/org/apache/ranger/rest/ServiceREST.java 
b79188733 


Diff: https://reviews.apache.org/r/74118/diff/1/


Testing
-------

- verified that service-admin users can create/update policies with 
resource-excludes flag for the services in which they are listed as admin i.e., 
service config: service.admin.users
- verified that zone-admin users can create/update policies with 
resource-excludes flag in the zones in which they are listed as admin


Thanks,

Madhan Neethiraj

Review Request 74118: RANGER-3080: service-admin/zone-admin users should be allowed to create/update policies with resource-excludes flag

Reply via email to